Add nginx-proxy

2022-02-06 19:01:07 +01:00 · 2022-02-06 19:01:07 +01:00 · 6fe27ae76f
commit 6fe27ae76f
parent 278c4018ea
3 changed files with 81 additions and 0 deletions
--- a/nginx-proxy/README.md
+++ b/nginx-proxy/README.md
@ -0,0 +1,14 @@
+# nginx-proxy
+
+Automatic ssl-terminating reverse proxy.
+
+This project contains three containers:
+The nginx container works as the proxy.
+The docker-gen container listens for new containers and manages the config file for nginx.
+The acme-companion container generates and manages the ssl certificates for the hosts.
+
+## Important step when deploying
+The docker-gen container needs a template file called `nginx.tmpl` which can be found [here](https://github.com/nginx-proxy/nginx-proxy/blob/main/nginx.tmpl)
+Place this file next to the docker-compose file when deploying locally.
+Deploy the stack and upload the file to the named volume. Restart the docker-gen container afterwards.
+
--- a/nginx-proxy/docker-compose.yaml
+++ b/nginx-proxy/docker-compose.yaml
@ -0,0 +1,51 @@
+version: '2.1'
+services:
+  nginx:
+    image: nginx
+    container_name: nginx
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - nginx_conf:/etc/nginx/conf.d
+      - certs:/etc/nginx/certs
+      - vhost:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+    networks:
+      - webproxy
+
+  dockergen:
+    image: nginxproxy/docker-gen
+    container_name: dockergen
+    command: -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl
+      /etc/nginx/conf.d/default.conf
+    volumes_from:
+      - nginx
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      # - ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl # use this for the file next to this file
+      - nginx-tmpl:/etc/docker-gen/templates/ # use this for a named volume containing the file
+    networks:
+      - webproxy
+
+  acme-companion:
+    image: nginxproxy/acme-companion
+    volumes_from:
+      - nginx
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - acme:/etc/acme.sh
+    environment:
+      - NGINX_DOCKER_GEN_CONTAINER=dockergen
+      # - ACME_CA_URI=https://acme-staging-v02.api.letsencrypt.org/directory  # set this for staging environment from letsencrypt
+
+volumes:
+  nginx_conf:
+  certs:
+  vhost:
+  html:
+  acme:
+
+networks:
+  webproxy:
+    name: webproxy
--- a/nginx-proxy/exmaple-service.yaml
+++ b/nginx-proxy/exmaple-service.yaml
@ -0,0 +1,16 @@
+version: "3"
+services:
+  service_name:
+    image: image
+    environment: 
+      - VIRTUAL_HOST=test.jfreudenberger.de # the domain where the service should be reached
+      - VIRTUAL_PORT=8000 # the port the service listens in the container
+      - LETSENCRYPT_HOST=test.jfreudenberger.de # the same domain as VIRTUAL_HOST; this enables ssl
+    networks:
+      - webproxy
+      
+networks:
+ webproxy:
+   external:
+     name: webproxy
+